Message-ID: <3F8E3C2F.3050503@snosoft.com>
From: dotslash at snosoft.com (KF)
Subject: Supposed SaS "encryption" weak - Comments and Info about wrong claims

Heh watch out for that DMCA.
-KF


Lorenzo Hernandez Garcia-Hierro wrote:

>Dear Paul,
>I've been testing your exploit (good one) for the supposed HTML encryption
>weakness of SaS.
>I think you took the exploit/Perl script from a developer's site because SaS
>is using a standard of encoding,
>here is the proof:
>variables for function _fwk_filter_encrypt($content)
>$table = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ_@";
>  $xor = 165;
>as you see, it's not encryption, so you didn't crack anything....
>you decoded it!
>the script is not for protecting site information such as passwords or
>usernames, etc.; it is stupid to use it for those things.
>It is only a low protection for people that copy contents (people that are
>only interested in copying things) and it's not
>for critical uses.
>Another thing:
>here is the code to prepare the tables of encoding characters:
>$table = array_keys(count_chars($table, 1));
>  $i_min = min($table);
>  $i_max = max($table);
>  for ($c = count($table); $c > 0; $r = mt_rand(0, $c--))
>    array_splice($table, $r, $c - $r, array_reverse(array_slice($table, $r, $c - $r)));
>
>the encode sequence:
>
>$len = strlen($content);
>  $word = $shift = 0;
>  for ($i = 0; $i < $len; $i++)
>  {
>    $ch = $xor ^ ord($content[$i]);
>    $word |= ($ch << $shift);
>    $shift = ($shift + 2) % 6;
>    $enc .= chr($table[$word & 0x3F]);
>    $word >>= 6;
>    if (!$shift)
>    {
>      $enc .= chr($table[$word]);
>      $word >>= 6;
>    }
>  }
>  if ($shift)
>    $enc .= chr($table[$word]);
>
>--- THE FINAL DECODE SEQUENCE ----
>// Decode sequence
>  $tbl = array_fill($i_min, $i_max - $i_min + 1, 0);
>  while (list($k,$v) = each($table))
>    $tbl[$v] = $k;
>  $tbl = implode(",", $tbl);
>
>  $fi = ",p=0,s=0,w=0,t=Array({$tbl})";
>  $f  = "w|=(t[x.charCodeAt(p++)-{$i_min}])<<s;";
>  $f .= "if(s){r+=String.fromCharCode({$xor}^w&255);w>>=8;s-=2}else{s=6}";
>
>----
>You see?
>xD
>So definitely not encryption,
>you are wrong....
>encoding, I know, is a shit form to protect things but it's the easiest and
>fastest form to bind a low protection system for contents.
>here is the JavaScript used:
>$r.= "function decrypt_p(x){";
>  $r.= "var l=x.length,b=1024,i,j,r{$fi};";
>  $r.= "for(j=Math.ceil(l/b);j>0;j--){r='';for(i=Math.min(l,b);i>0;i--,l--){{$f}}document.write(r)}";
>  $r.= "}decrypt_p(\"{$enc}\")";
>
>CONCLUSIONS:
>- I think (I can be sure by checking this later) you copied the exploit code
>from a developer's site.
>- You were first wrong saying that the encryption system is cracked; as you
>see, you didn't crack anything!!
>you decoded a simple XOR sequence w00w!
>- Your claims saying I have lots of free time for [-] other sites [-] are
>completely inappropriate,
>first of all:
>- I don't do these things for fame, just for fun and as a hobby
>- I don't say false things
>- sometimes I'm wrong (I'm human), or lots of times! But the important
>thing is that I recognize my errors.
>
>--
>Thank you and next time do a better research.
>Best regards to all the members of Full-Disclosure.
>-------------------------------
>0x00->Lorenzo Hernandez Garcia-Hierro
>0x01->/* not csh but sh */
>0x02->$ PATH=pretending!/usr/ucb/which sense
>0x03-> no sense in pretending!
>__________________________________
>PGP: Keyfingerprint
>4ACC D892 05F9 74F1 F453  7D62 6B4E B53E 9180 5F5B
>ID: 0x91805F5B
>**********************************
>No Secure Root Group Security Research Team
>http://www.nsrg-security.com
>______________________
>
>
>_______________________________________________
>Full-Disclosure - We believe in it.
>Charter: http://lists.netsys.com/full-disclosure-charter.html
>
>  
>
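
The scheme in the quoted message, as an added JavaScript example (not code from either poster or from SaS): the encode loop and the decoder logic ported side by side, showing that decoding needs only the table and XOR constant the page itself ships. The alphabet and XOR value come from the post; the reversed-order table in `makeTable` is a constructed stand-in for the random per-page shuffle, and all function names are hypothetical.

```javascript
const ALPHABET = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ_@"; // from the post
const XOR = 165; // from the post

// Constructed stand-in for the random per-page shuffle (assumption); any permutation works alike.
function makeTable(alphabet) {
  return Array.from(alphabet).reverse().map((c) => c.charCodeAt(0));
}

// XOR each byte, then emit 6-bit groups (low bits first) through the table.
function encode(bytes, table, xor) {
  let enc = "", word = 0, shift = 0;
  for (const b of bytes) {
    word |= (xor ^ b) << shift;
    shift = (shift + 2) % 6;
    enc += String.fromCharCode(table[word & 0x3f]);
    word >>= 6;
    if (shift === 0) { // three bytes consumed: flush the fourth character
      enc += String.fromCharCode(table[word]);
      word = 0;
    }
  }
  if (shift !== 0) enc += String.fromCharCode(table[word]); // leftover 2 or 4 bits
  return enc;
}

// Inverts the table and undoes the XOR. Every input is public: the page
// embeds the inverse table and the constant inside its own decoder.
function decode(enc, table, xor) {
  const inverse = new Map(table.map((code, index) => [code, index]));
  const out = [];
  let word = 0, shift = 0;
  for (let p = 0; p < enc.length; p++) {
    const v = inverse.get(enc.charCodeAt(p));
    if (v === undefined) throw new Error(`character outside table at offset ${p}`);
    word |= v << shift;
    if (!shift) { shift = 6; continue; } // first character of a group: no full byte yet
    out.push(xor ^ (word & 255));
    word >>= 8;
    shift -= 2;
  }
  return Uint8Array.from(out);
}

// Round trip on a caller-supplied sample string.
function roundTrip(text) {
  const table = makeTable(ALPHABET);
  const enc = encode(new TextEncoder().encode(text), table, XOR);
  return { enc, dec: new TextDecoder().decode(decode(enc, table, XOR)) };
}
```

Three input bytes become four output characters, the same expansion as base64, and no key is involved at any step.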
